Take a look at the complex relationships that exist today between the ransomware gangs and the various services they utilize, and you quickly realize this is a very organized and effective business.
Ransomware has quickly grown into a robust ecosystem of players, vendors, suppliers and service providers all working in the interest of taking your organization for as much money as is humanly possible.
Cryptocurrency and blockchain data provider Chainalysis, in its Ransomware 2021: Critical Mid-year Update report, shed some light on exactly why. In 2020, the total amount paid by ransomware victims rose 311% from the previous year.
Source: chainanalysis.com
As with reputable online services, both the ransomware code itself and the supporting services it requires are offered in service tiers to meet the needs of the “customer”. Take the example below, which shows the various packages offered for use of ransomware software:
Source: Kaspersky
The amount of ransomware funds going to these third-party “providers” has also increased significantly in the last 4 quarters (right side of the chart below), demonstrating the growing value attackers see in outsourcing some part of the ransomware attack to a specialist third party, and further expanding the “as a service” definition.
Source: chainanalysis.com
What this means for organizations like yours is that the bad guys are working together more closely than ever before and are finding more profitable ways to extract money from their victims. So, it’s critical that attacks are stopped before they do any damage. With phishing remaining a top initial attack vector, having users undergo continual Security Awareness Training will help to minimize the likelihood that they will fall for social engineering tactics and engage with the malicious email content that acts as the launch point for today’s ransomware attacks.